cookie-session - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

index.js

		@@ -9,8 +9,8 @@ /**
		/**
		* Initialize session middleware with `opts`:
		* Initialize session middleware with options.
		*
		* - `key` session cookie name ["koa:sess"]
		* - all other options are passed as cookie options
		* See README.md for documentation of options.
		*
		* @param {Object} [opts]
		* @return {Function} middleware
		* @api public
		@@ -22,4 +22,4 @@ */

		// key
		var key = opts.key \|\| 'express:sess';
		// name - previously "opts.key"
		var name = opts.name \|\| opts.key \|\| 'express:sess';

		@@ -39,3 +39,3 @@ // secrets

		return function (req, res, next){
		return function cookieSession(req, res, next){
		var cookies = req.sessionCookies = new Cookies(req, res, keys);
		@@ -46,3 +46,3 @@ var sess, json;
		req.sessionOptions = opts;
		req.sessionKey = key;
		req.sessionKey = name;

		@@ -56,3 +56,3 @@ req.__defineGetter__('session', function(){

		json = cookies.get(key, opts);
		json = cookies.get(name, opts);

		@@ -92,3 +92,3 @@ if (json) {
		// remove
		cookies.set(key, '', opts);
		cookies.set(name, '', opts);
		} else if (!json && !sess.length) {
		@@ -191,6 +191,6 @@ // do nothing if new and not populated
		var opts = ctx.sessionOptions;
		var key = ctx.sessionKey;
		var name = ctx.sessionKey;

		debug('save %s', json);
		ctx.sessionCookies.set(key, json, opts);
		ctx.sessionCookies.set(name, json, opts);
		};
		@@ -222,2 +222,2 @@
		return new Buffer(body).toString('base64');
		}
		}

package.json

		@@ -5,3 +5,3 @@ {
		"repository": "expressjs/cookie-session",
		"version": "1.0.1",
		"version": "1.0.2",
		"keywords": [
		@@ -28,4 +28,4 @@ "connect",
		"scripts": {
		"test": "make test"
		"test": "mocha --require should --reporter spec --bail"
		}
		}

Readme.md

		@@ -1,49 +0,62 @@
		# cookie-session
		# cookie-session [![Build Status](https://travis-ci.org/expressjs/cookie-session.svg)](https://travis-ci.org/expressjs/cookie-session) [![NPM version](https://badge.fury.io/js/cookie-session.svg)](http://badge.fury.io/js/cookie-session)

		Simple cookie-based session middleware.
		Simple cookie-based session middleware.

		## Example
		## Semantics

		This module provides "guest" sessions, meaning any visitor will have a session,
		authenticated or not. If a session is _new_ a `Set-Cookie` will be produced regardless
		of populating the session.

		## API

		View counter example:

		```js
		var session = require('cookie-session');
		var connect = require('connect');
		var app = connect();
		var express = require('express')
		var session = require('cookie-session')

		var app = express()

		app.use(session({
		keys: ['a', 'b']
		}));
		app.use(session());
		keys: ['key1', 'key2'],
		secureProxy: true // if you do SSL outside of node
		}))

		app.use(function (req, res, next){
		var n = req.session.views \|\| 0;
		req.session.views = ++n;
		res.end(n + ' views');
		app.use(function (req, res, next) {
		var n = req.session.views \|\| 0
		req.session.views = ++n
		res.end(n + ' views')
		})

		app.listen(3000);
		console.log('listening on port 3000');
		app.listen(3000)
		```

		## Semantics
		### Options

		This module provides "guest" sessions, meaning any visitor will have a session,
		authenticated or not. If a session is _new_ a Set-Cookie will be produced regardless
		of populating the session.
		- `name` - The cookie name. Defaults to `express:sess`.
		- `keys` - Keys with which to sign the cookie. See `signed` in cookie options. Multiple keys allows for using rotating credentials.
		- `secret` - A string which will be used as single key if `keys` is not found.

		## API

		### Options

		The cookie name is controlled by the `key` option, which defaults
		to "express:sess". All other options are passed to `cookies.get()` and
		Other options are passed to `cookies.get()` and
		`cookies.set()` allowing you to control security, domain, path,
		and signing among other settings.

		#### Cookie Options

		- `maxage` - a number representing the milliseconds from `Date.now()` for expiry.
		- `expires` - a `Date` object indicating the cookie's expiration date (expires at the end of session by default).
		- `path` - a string indicating the path of the cookie (`/` by default).
		- `domain` - a string indicating the domain of the cookie (no default).
		- `secure` - a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).
		- `secureProxy` - a boolean indicating whether the cookie is only to be sent over HTTPS (use this if you handle SSL outside your node process).
		- `httpOnly` - a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).
		- `signed` - a boolean indicating whether the cookie is to be signed (`true` by default). If this is true, another cookie of the same name with the `.sig` suffix appended will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [Keygrip](https://github.com/jed/keygrip) key. This signature key is used to detect tampering the next time a cookie is received.
		- `overwrite` - a boolean indicating whether to overwrite previously set cookies of the same name (`true` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.

		Read more here: https://github.com/jed/cookies

		### Session#isNew
		### Session.isNew

		Returns __true__ if the session is new.
		Is `true` if the session is new.

		@@ -55,3 +68,3 @@ ### Destroying a session
		```js
		req.session = null;
		req.session = null
		```
		@@ -58,0 +71,0 @@

cookie-session - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics